Source Code Review

A Source Code Review uncovers security vulnerabilities, security design flaws, violations of best practices, etc by examining the source code of an application.

Our consultants at GRC 360 develop a complete understanding of the application including its purpose, framework and background in order to determine key focus areas. We complement computer-aided source code review along with our manual code review to achieve best results. We support major platforms and languages that include PHP, JAVA EE, C/C++, .NET, etc.

We have the following approach towards conducting a source code review for our clients:

Gathering information to develop a complete know-how of the application by discussing the functionality and purpose of the application with the developers

Manually reviewing the source code by tracing data paths and discovering vulnerabilities other than the ones identified by automated scanning. These include business logic and authorization vulnerabilities.